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SOFTWARE ANTI-PIRACY LICENSING 

BACKGROUND OF THE INVENTION 

Field of the Invention 

5 The present invention relates to electronic enforcement of licenses for software 

services installed for a predetermined time on computers connected through a 
communications network. 

Background Art 

Software piracy is a major problem for the software industry. An independent 

10 study released by the Business Software Alliance and the Software & Information 
Industry Association estimated that, of the 615 miUion new business software 
applications installed worldwide during 1998, 231 million were pirated. This 
represents a loss of over one-third of the licensing revenue that should have been 
generated, or nearly $11 billion dollars in 1998 alone. SIIA's Report on Global 

15 Software Piracy 1999, page 3, May 25, 1999 (Software & Information Industry 
Association, 1730 M Street NW, Suite 700, Washington, D.C. 20036, 
http://www.siia.net/piracv/news/news.htm) . 

There have been numerous efforts to devise systems to electronically enforce 
the licensing of computer software. A conmionly used prior art system is to require 

20 the end user to enter an authorization code at installation time. If the authorization 
code matches the code that is incorporated in the software, then the software is 
installed on the computer. If the authorization code does not match, then the software 
cannot be installed, thereby protecting the software from unauthorized use. A major 
drawback to this system is that it does not generate a unique Ucense. There is nothing 

25 to prevent the end user from instalUng the same software on a different computer as 
long as the proper authorization code is entered. Thus, the end user can create an 
unlimited number of unauthorized copies of the software. 
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To overcome this drawback, some enforcement schemes generate a unique 
license that is specific to the computer on which the software is installed. If the 
software is copied to another computer, the software will not function because it is not 
authorized for that computer. However, this scheme can be cumbersome in a large 

5 networked computer environment where the computer configurations are constantly 
changing to meet business needs. 

Another commonly used prior art system requires the use of a read/write 
medium, such as a floppy disk, where the license is transferred from the medium to the 
installation target. This, too, can be a cumbersome licensing scheme since it requires a 

10 transfer medium. Moreover, there is nothing to prevent an end user from transferring 
the license back to the medium and installing it on another unauthorized computer. 

The current trend in software procurement is to eliminate the physical medium 
altogether. With the advent of the internet, an increasing number of software 
applications are distributed electronically. While the internet has accelerated software 

15 piracy, it has also provided software vendors with new opportunities for electronic 
license enforcement. Electronic software distributors can generate a one-shot 
temporary electronic license that is downloaded with the software to allow the end 
user to install the software on their computer for a Umited duration trial period. After 
the expiration of the temporary electronic license the end user must purchase a full 

20 license, or the software is disabled. 

A problem with these so-called "try and buy" electronic licensing schemes is 
that they are designed for direct software sales to end users in stand-alone computer 
environments. They require the end user to connect directly to the distributor's 
electronic commerce web site to purchase a single license. Many of them have the 

25 same disadvantages associated with more conventional electronic licensing schemes, 
since they often require the use of an authorization code. The only difference is that 
the authorization code is delivered to the user electronically, typically only after the 
user has registered with the web site. There is still no way to insure the authorized use 
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of the software once it has been electronically distributed. Most importantly, the prior 
art electronic licensing distribution and enforcement schemes are not designed for 
multi-computer networked environments requiring a high volume of multiple licenses. 
License enforcement schemes designed for the stand-alone computer environment 
5 may not work properly in a multi-computer networked environment. 

Another disadvantage to prior art electronic enforcement schemes is that they 
lack the ability to allow for the periodic electronic renewal of a temporary license for 
subscription-based software services. Instead, the prior art enforcement schemes are 
based on the assumption that the software license is purchased outright, and not 

10 renewed for limited periods of time. 

Reported industry trends indicate that electronic license distribution will be the 
corporate standard within the next decade. It is anticipated that electronically 
distributed licenses will account for $89 biUion dollars of revenue for the software 
industry by the year 200 L Computerworld, Electronic Licensing Gains in Popularity, 

15 David Orenstein, Oct. 19, 1998, p.65(l). Therefore, the electronic enforcement of 
software licenses is a critical component of the software anti-piracy effort. 
Accordingly, a new approach to electronically enforcing software licenses that is 
flexible and scalable, but not unnecessarily burdensome for legitimate end users, is 
desirable. 

20 SUMMARY OF THE INVENTION 

A licensing service is provided with an enforcement agent to control the 
licensing for an installed software on a device. The licensing service further provides 
a license issuer to issue licenses for the installed software, and a service agent, in 
conmiunication with the enforcement agent and the Ucense issuer, to distribute 
25 licenses from the license issuer to the device. 
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BRIEF DESCRIPTION OF THE DRAWINGS 

Further advantages and features of the invention will become apparent in the 
foUov^ing detailed description and accompanying drawings. 

Fig. 1 illustrates an example of a typical computer configuration for an 
5 implementation of the method of electronic license enforcement. 

Fig, 2 is a flow diagram illustrating an implementation of the general flow of 
license generation and distribution. 

Figs. 3A and 3B are flow diagrams illustrating an exemplary interaction 
between a Point-of-Service computer (PCS) as shown in Fig 1, and a licensing ser/ice 
10 agent. 

Fig. 4 is a flow diagram illustrating an exemplary interaction between a 
licensing service agent and a Value Added Reseller (VAR) as shown in Fig 1. 

DETAILED DESCRIPTION 

OVERVIEW 

15 The following sections describe an improved method for electronically 

enforcing licenses for installed software services. The method can be implemented in 
a multi-computer networked environment having a variety of configurations, or on a 
single stand-alone computer. The goal of the method is to service the licensing needs 
of end users who have installed Ucensed software on their computers. The method not 

20 only insures license compliance, but does so in a manner that is transparent to the end ' 
user. 

In the implementation the method employs a non-renewable license that is 
uniquely identified with a specific computer and is of limited duration. There are three 
types of licenses: install, trial, and purchased. All licenses are digitally signed to 
25 protect against tampering. A Ucense is considered vaUd when it is present on the 
point-of-service (POS) computer where the software service is installed, when it has a 
valid digital signature, and when it is not expired. 
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In the implementation, the POS computers on which the software services Eire 
installed are self-licensing. The install and trial licenses originate at the POS, whereas 
the purchased licenses are issued by a third party. The third party is either a software 
vendor, a value added reseller of software services, or a corporate Ucense server. 

5 Depending on the capabilities of the third party, in one implementation, a licensing 
service agent pushes licenses as they are generated on the POS up to the third party for 
eventual refreshing. In another implementation, the licensing service agent may need 
to periodically collects copies of the POS licenses (either new install or trial Ucenses, 
or expired purchased licenses) from one or more POS computers and exchange them 

10 in bulk for new purchased licenses. Regardless of the particular implementation, the 
exchange is referred to as a "Refresh Licenses" task. In one implementation, the 
"Refresh Licenses" task is performed by executing an electronic commerce transaction 
with the third party over the internet. Alternatively, it may be performed over a private 
network using other known means of electronic data interchange, 

15 The service agent periodically pushes the refreshed licenses back to the POS 

computers with which they are uniquely identified, so that the licenses themselves are 
always maintained on their respective POS computer. If the software service is later 
removed from the POS, the license is allowed to remain. Since the license is uniquely 
identified to a specific POS, it cannot be transferred. 

20 Because the POS is self-licensing, any number of service agents can purchase 

licenses for any given POS computer with which the service agent can connect via a 
local or remote network. In an implementation of the method, the service agent may 
reside on one or more service management consoles. The consoles themselves are not 
licensed, but rather provide the conduit through which the licenses flow between the 

25 POS and the third party. The service agent maintains copies of collected POS licenses 
and new purchased licenses issued by the third party in a discovery database. The 
service agent synchronizes the collection of licenses from POS as well as the 
replacement of the POS licenses with new licenses using the discovery database 
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The relationships between the various POS computers serviced by the service 
agent may be graphically displayed as a node tree to facilitate the bulk administration 
and purchase of new licenses. In an implementation of the method, the "Refresh 
Licenses" task is accomplished at the level of the root node of the tree. The interaction 

5 between the service agent and the third party can be implemented over a network such 
as the internet by the exchange of a license file using standard communication 
protocols. At least two levels of service agent/third party interaction are provided; 
administrator level interaction and technician level In addition to refreshing licenses, 
the service agent also performs other system maintenance and alert functions for the 

10 POS computers. 

DETAILED OPERATION 

The licensing functions that the method of the invention performs are logically 
broken down into two types: those that are performed on the end user's computer, and 
those that are performed elsewhere. As a point of reference, the end user computer is 

15 the logical starting point, because that is where the first license originates. When the 
software is initially installed on the end user computer, it generates its own license, 
called an install license. For descriptive purposes, this end user computer is referred to 
as the "point-of-service," or POS. 

The POS install license is set to expire immediately. Its main purpose is to be 

20 used to generate a trial license. In one implementation, the POS install license is 
stored in a common location in the computer, such as the Pong Data. The Pong Data 
is periodically "pinged" by an external license servicing agent to retrieve the license 
for processing. In another implementation, the POS will initiate contact with an 
external licensing service to obtain a license. The first step in license processing is to 

25 generate the trial license. The trial license is generated on the POS by an intemal 
software agent that resides on the POS. The trial license generation may be triggered 
by the external agent by "pinging" the Pong Data. Altematively, it could be triggered 
by the POS itself; either way the trial hcense replaces the install license and is stored 
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on the POS. The install license begins a licensing cycle that is repeated for as long as 
necessary to insure that the POS has a current license. The trial license allows the end 
user to "test drive" the software service for a predetermined amount of time. When 
the trial license expires, the external license servicing agent delivers a new purchased 

5 license assuming that the end user has made the proper payment arrangements. The 
POS conditionally replaces the expired license with the new license without end user 
intervention. Conditions that must be satisfied to successfully replace a license 
include authenticating the new license, and insuring that it has not expired. Like the 
trial license, the purchased license is of limited duration, and will eventually need 

10 replacement. Because the licenses themselves are maintained on the POS computers, 
the method is scalable to service a large number of end users. 

The POS performs a number of other functions, besides coordinating the 
generation and replacement of the install, trial, and purchased licenses. Each time the 
software service is used, the POS performs a verification function to insure that the 

15 current license is valid. The verification process is based on an authentication model 
that uses the license to verify that the POS is authorized to use the licensed software 
service at the present time. To facilitate this process, the method uses a license fomat 
that contains a unique identifier that associates the license with a specific POS 
computer. In addition, the license format includes a digital signature that incorporates 

20 information from the unique identifier, as well as the rest of the license information 
(e.g. creation time and expiration). 

The license's digital signature is created using encryption technology that is 
known in the art. Because the digital signature depends on the content of the license, 
the license's digital signature changes each time a new license is generated. The digital 

25 signature enables the POS to determine whether a given license is authentic (i.e. v/as 
either generated by the POS itself, or issued by an authorized license server) and to 
verify the integrity of the license (i.e. detect whether any of the information in the 
license has been tampered with, e.g. creation time, expiration time). 
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The digital signature depends in part on the value of the license's unique 
identifier. The unique identifier is a globally unique identifier (GUID) that insures that 
the license will only authorize use of the installed software for that particular POS and 
no other. For descriptive purposes, the unique identifier is called a Node ID, referring 

5 to the POS in the context of the network in which it resides. However, the POS may, 
in fact, be a stand-alone computer as well. In the stand-alone context, the Node ID is a 
unique identifier that will distinguish the POS from other POS computers that are 
serviced by the same external license distribution agent or whose hcenses are issued by 
the same license server. 

10 The external license servicing agent that initiates contact with or responds to 

the POS may take many forms. For example, in some implementations it may take the 
form of a software agent that resides on a vendor's electronic commerce web site that 
services various individual end users needing to license a variety of software services 
for their stand alone or local area networked computers. In larger corporate 

15 organizations, the external license servicing agent may be implemented in an 

appUcation that resides on a license server computer that administers a high volume of 
licenses purchased on behalf of the end users from an outside vendor. The license 
server may reside within the corporate network, or may be part of network operated by 
a value added reseller (VAR). The license server can manage many POS computers, 

20 and so is equipped with additional features to enable the bulk administration of 
licenses, including bulk purchase and distribution. 

An example of a typical configuration (10) of a multi-computer networked 
environment in which the method can operate is illustrated in Figure 1. With reference 
to Figure 1, the end user computers on which the software services are installed are 

25 referred to as the point-of service (POS) computers (20), as previously described. 
They may be server computers, desktop computers, notebook computers, or any other 
computer where a licensed software service resides or is used. In any given 
configuration, there may be at least one service management console (30) that is 
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connected to and services the POS computers (20) via a remote (40) or local area (50) 
network. The service management console (30) contains the external license servicing 
agent that services the POS computers (20). In the illustrated implementation , the 
service management console (30) acts as a proxy license server, retrieving existing 

5 licenses from the POS computers (20), and interacting with a third party vendor 
website (60) that issues new purchased licenses over a network such as the internet 
(70). The newly purchased licenses are in turn delivered by the external license 
servicing agent on the service management console (30) back to the POS computers 
(20) via the remote (40) or local area (50) network. For maximum flexibility, the 

10 external license servicing agent can be implemented in any number of service 
management consoles, or alternatively in the third party vendor's system. Another 
implementation might employ a different configuration or communicate with the third 
party using a private network without departing from the principles of the invention. 
As previously noted, a goal of the method is to not only insure license 

15 compliance, but to do so in a manner that is transparent to the end user. The method 
accomplishes this by using a combination of intelligent software agents and the "push 
technology" model of computer interaction. Intelligent agents are application software 
programs that are designed to move logic and data over networks such as the Interaet. 
They are typically used in electronic conomerce applications to facilitate transactions 

20 between disparate computer systems. "Push technology" refers to the practice of 
delivering specific information directly to another electronic device or computer, 
eliminating the need for that other device or computer to request it. The 
implementation of the method uses an intelligent agent to locate and retrieve or send 
the license on the POS computer to a license server, and to replace the license by 

25 delivering a new one as necessary, without the end user's involvement. 

Appropriate decisions about how to process the license can be shared between 
the external intelligent agent and the agent that resides on the POS. The decisions 
include determinations about whether or not the license is valid and whether or not it 
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can be replaced. The determinations are made by examining the license's identity, 
authenticity, and expiration information. A license is considered valid when it is 
present on the POS, has a valid digital signature, and is not expired. A valid license 
authorizes a POS to operate the software service until the expiration date and time in 
5 the license. Once a license has expired it is invalid and requires a new license to 
replace it. A license can be replaced when there is a newer purchased license available 
that has the identical Node ED. A purchased license is one that has been generated by 
the third party vendor, or some other license issuer (e.g. a corporate license server, 
electronic software distributor, VAR, etc.). Licenses are non-renewable and non- 
10 transferable. Licenses remain on the POS indefinitely, even if the software service to 
which the license pertains is removed. 

Figure 2 illustrates the general flow of an implementation of the method of 
license generation. First the POS generates the install license (200). When a service 
management console connection is attempted (210), a software agent residing on the 
15 POS is triggered to create a trial license (220) using the previously generated install 
license. The trial license is set to expire at a predetermined date and time. The current 
POS license, whether it be an install, trial, or previously purchased license, is collected 
by the external license servicing agent to a discovery database that resides on the 
service management console (230). In the illustrated implementation, after collecting 
20 licenses from one or more POS computers, the external license servicing agent 
initiates a connection from the service management console (230) to a third party 
VAR, an electronic commerce site that will issue purchased licenses for the software 
services installed on the POS computers (240). The external license servicing agent 
exchanges the licenses on the discovery database (280) in the service management 
25 console that were collected from the POS computers for new purchased licenses issued 
by the VAR (250). Subsequently, the external license servicing agent initiates a 
connection from the service management console to the POS computer (260) to push 
the new purchased licenses back to the POS (270). The external license servicing 
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agent continues the cycle by periodically retrieving and collecting expired POS 
licenses to the discovery database (280) on the service management console, and again 
connecting from the service management console to the VAR to refresh the licenses 
(240). 

5 The following structure in Table 1 defines an implementation of the license: 



struct _LICENSE { 


uintS 


signature [15] ; 


uintlS 


version; 


uintS 


flags; 


uintS 


osType; 


uint32 


reserved; 


time_t 


creationTime ; 


time_t 


expirationTime ; 


uintS 


nodeID[16] ; 


} 



Table 1 



The specific structure of the license may vary without departing from the principles of 
10 the invention. A detailed explanation of each field in the license structure follows: 

Signature. This field represents a digital signature that is used to validate the license. 
One implementation of the digital signature is generated by applying the MD5 
message digest algorithm to the structure starting at the version field and continuing 
15 until the end of the structure (only the length and signature fields are omitted) {Request 
For Comment 1321, R, Rivest, MIT Laboratory for Computer Science andRSA Data 
Security, Inc., April 1992) The resulting message digest is encrypted with a 56-bit 
DES key extracted from the 128-bit node ID field (defined below). 

20 Version. This field represents the Ucense version number. The version number allows 
for future enhancements to be made to the license structure. One implementation of 
the version number starts with the number 1 and is monotonically incremented as the 
license definition is enhanced. 
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Flags. This field is comprised of eight bits. In the implementation, only the least 
significant bit is defined for license version 1. If set, it signifies that the license is 
either an Install or a Trial License. In particular, this bit is set to 1 if the license is 
5 created by the POS agent or the POS install, and is clear (set to 0) if the license is 
created by the third party web site. The bit is used to indicate the origin of the creation 
time field to make valid comparisons using that field. The third party web site never 
sets this bit. 

10 OS Type, This field represents the type of operating system used on the POS 
computer. This field can take on one of the following values as shown in Table 2: 



#define UNKNOWN 


0 


#define NTW4x 


1 


#define NTS4x 


2 


#define NW3x 


3 


#define NW4x 


4 


#define NW5x 


5 


#define WIN95 


6 


#define WIN98 


7 



Table 2 

15 Creation Time. This field represents the date and time the license was created. 

Expiration Time. This field represents the expiration date and time. The Expiration 
Time is set to zero if this license is an Install License. 

20 Node ID. Each POS is uniquely identified by a Node E) (also referred to as a globally 
unique identifier, or GUID). Node IDs are preserved across installations. The Node 
ID identifies the license as being associated with exactly one POS computer. 

COMPONENT DETAIL 
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The functions performed by the method of the present invention may be 
implemented in three distinct components: the POS component, the Servicing 
component, and the VAR component. Each component is described in more detail 
below. 

5 POS Component 

The POS, also referred to as a managed node, generates the install license 
when the software service is initially installed. The POS sets the install license's Node 
ID to a globally unique identifier, or QUID, that is used to identify the license with that 
specific POS computer throughout the entire cycle of license servicing. The install 

10 Ucense is always set to expire inmiediately. When a servicing agent of the Servicing 
component attempts its first connection to the POS, a software agent on the POS is 
triggered to generate a trial license that expires after a predetermined date and time. 
The POS embeds the current POS license in its PDS Pong Data. The Servicing 
component uses this mechanism to periodically retrieve hcenses from the POS for 

15 collection to the Service component's discovery database. The POS license is never 
deleted from the POS computer, even if the software service to which it pertains is 
uninstalled. This preserves the Node ID and Ucense period across installs. 

Each POS must have a valid license in order to be able to use the software 
service. Since POS computers are self-licensed, any number of service agents can 

20 interact with any number of POS computers. All three of the following conditions 
must be true for a POS to have a vaUd Ucense: 

1) a license must be present on the POS, 

2) the Ucense' s digital signature must be valid, and 

3) the license expiration time must be later than the POS's current system 
25 clock. 
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The POS can continue operating autonomously even without a valid license. 
However, any servicing activity initiated by a service agent of the Servicing 
component is disabled until a new license is available. 
Servicing Component 

5 The Servicing component of the method of the present invention includes a 

service agent and a discovery database. The Servicing component may reside on a 
Ucense server computer that is either maintained by the third party license reseller (e.g. 
on the VAR web site, or license server), or may reside on one or more service 
management consoles that are distributed throughout the network that connects the end 

10 user computers. The computers where the Servicing component resides are 

themselves not licensed. The Servicing component can interact with any POS that has 
a current valid hcense. Where the Servicing component resides on a service 
management console, the console acts as a proxy server, and provides the conduit 
through which licenses flow between the VAR web site and the POS computers. 

15 The service agent maintains a discovery database of retrieved and collected 

licenses from the POS computers, and purchased Ucenses issued by the VAR web site. 
There can only be one license for each POS's unique Node ID at any given time. The 
service agent validates all licenses that it receives, and stores only valid licenses in the 
Servicing component discovery database. 

20 The Servicing component is the focal point for any interaction with the VAJRs 

that issue the purchased licenses. The Servicing component may be administered by 
either an administrative level or technician level operator for the bulk purchase and 
distribution of licenses. The POS computers to which the Servicing component cam 
connect are graphically displayed to the operator in the form of a node tree. The 

25 operator can display a POS's license expiration time as a property accessible when the 
corresponding node is selected in the tree. At the root node, the Servicing component 
provides the operator with a "Refresh Licenses" task. All Servicing interactions with 
the VAR web site are conducted through this single task. 
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The interaction between the POS and the Servicing components may be 
performed automatically, without operator intervention. When the POS license 
expires, any active POS servicing connection is dropped, and the following Servicing 
component functionality is disabled; 

5 1) connecting to the POS without new license, 

2) starting a remote control session, and 

3) configuring alerts. 

The following functionality is always operational, even when the POS does not have a 
10 valid license: 

1) connecting to the POS with a new Ucense, 

2) discovery (retrieving and collecting expired Ucenses), 

3) health connections and updates, and 
15 4) alerting. 

VAR Component 

The VAR Component provides all billing related functionality, including the 
following: 

20 1) register/authenticate Servicing component operators, 

2) register new Node IDs designating new POS computers, 

3) organize customers and related POS Node IDs, 

4) purchase Ucenses, and 

5) cancel licenses. 

25 The primary function of the VAR, in the implementation of the method of the 

present invention, is to respond to the Servicing component initiated "Refresh 
Licenses" task by exchanging the existing license data on the Servicing component's 
discovery database with new license data issued by the VAR. 

The "Refresh Licenses" task may be initiated by at least two different levels of 

30 Servicing component operators: an administrative level or a technician level. The 
method employed by the VAR must take into account the operator level in the operator 
authentication procedure, Otherwise, the VAR responses to the Servicing component 
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"Refresh Licenses" task are essentially be the same. The Servicing component 
administrator is responsible for purchasing licenses and equipment, but not necess£irily 
responsible for all small business management. The Servicing component technician 
is responsible for the management of any number of small businesses, but does not 

5 necessarily have authority to purchase licenses or equipment. Each technician might 
have a locally installed copy of the Servicing component, distinct from the 
administrator's and other technicians' Servicing components. 

The VAR component is also responsible for properly distinguishing requests 
from different customers by authenticating the user name and password of the 

10 Console operator at time of connection. 

POS/Servicing Component Interaction 

An example implementation of the interaction betvv^een the POS computer and 
the Servicing component is shown in Figures 3 A and 3B. With reference to Figure 

15 3 A, the service agent of the Servicing component initiates the interaction by pinging 
the POS computer from a service management console to retrieve the current POS 
license plus other connection information from the PDS Pong Data (300). The service 
agent first verifies that the digital signature of the retrieved POS license is valid (310). 
If so, the service agent compares the Node ID field of the current POS license with the 

20 Node ID of the existing license in the discovery database (330). If the Node IDs are 
different, then this must be a new POS license that has not yet been collected to the 
discovery database. The service agent collects a copy of the new POS license into the 
Servicing component's discovery database (340). Otherwise, if there is an existing 
license with the same Node ID, the service agent must synchronize the retrieved POS 

25 license with the existing license on the discovery database (350). If the digital 

signature of the POS license was not valid, then the service agent issues an alert (320). 

The service agent requests a connection with the POS (360). The 
corresponding license from the discovery database is included in the request. In 
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response to the connection, the POS first verifies that the digital signature of the 
Ucense from the discovery database is valid (370). It not, the POS discards the 
discovery database license (380). 

With reference to Figure 3B, if the digital signature is valid, the POS comp;ares 
5 the Node ID field of the discovery database license with the POS's current license 
(390). If the Node IDs are different, then the POS simply discards the discovery 
database license (400) as it does not belong to this POS. If the Node Ids are the same, 
the POS must synchronize the discovery database license with the POS's current 
license (410). 

10 After synchronization, but before terminating the connection, the POS must 

now verify that it has a current vaUd license to operate the installed software service. 
The POS first verifies whether the license has actually expired (420). This might be 
the case if there was no newer license on the discovery database to replace the POS's 
old license. If so, then the end user (430) is notified. The POS then verifies that the 

15 digital signature of the current POS license is vaUd (440). If it is not vahd, then the 
end user (450) is again notified. In this case, the Hcense has likely been tampered with 
or is missing, and the POS will require a reinstall of the software service. Another 
possible error is that the Ucense version is unknown, however this is unlikely to occur. 
If the POS verifies that it has a current valid license, the connection with the service 

20 agent is successfully terminated (460). 

In order for the service agent and the POS to properly synchronize the 
discovery database Ucense with the POS license, the decision table in Table 3 is used. 
The decision table specifies under which conditions the service agent and the POS 
should update their respective licenses with a new license received from another 

25 source (i.e. the VAR, or other Ucense server). The New License and Existing License 
columns in Table 3 refer to the values of bit zero of the Flags field within the license. 
As described previously, if bit zero is set (equals 1), then the license was created by 
the POS install or the POS agent at the time of Console connection. These licenses are 
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referred to as install licenses or a trial licenses, respectively. If bit zero is clear (equals 
0), then the license is a purchased license created by the VAR web site. 

The service agent and the POS synchronize their respective discovery database 
and POS licenses by determining whether a new license from each other is, in fact, 
5 newer, by comparing the corresponding Creation Time fields. 



New 


Existing 


Service Agent 


POS 


License 


License 


Updates? 


Updates? 


0 


0 


If newer 


If newer 


0 


1 


Always 


Always 


1 


0 


Never 


Never 


1 


1 


Always 


Never 



Table 3 ( where 0 = purchased, 1 = install/trial) 



As can be seen, the decision table in Table 3 indicates that a purchased license always 
overwrites an install or trial license, while the reverse is never allowed. The Creation 
Time field is only trusted when both licenses were purchased, because they originated 
10 from the VAR web site (or license server), which is assumed to have a reliable clock. 

Servicing componentA^AR Interaction 

The Servicing component and the VAR web site interact through the "Refresh 
Licenses" task. With reference to Figure 4, in preparation for initiating a connection to 
the VAR to purchase new licenses or receive updated licenses, the service agent places 

15 the collected and synchronized licenses on the Servicing component discovery 

database into an exchange format that is compatible with that used by the VAR (500). 
The service agent then connects to the third party VAR (510), upon which the VAR 
authenticates the Servicing component operator user name and password as entered 
into the Refresh Licenses task (520). The VAR then simply exchanges the service 

20 agent's exchange-formatted licenses for new purchased licenses (530). In turn, the 
service agent updates the expired licenses on the Servicing component discovery 
database with the new purchased licenses from the VAR (540). 

Example Implementation 
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The exchange of Hcenses may be accomplished in a number of ways. In one 

example implementation of the method, the exchange is accomplished by foraiatting 

an exchange license file that is in well-formed, non-validated XML described by the 

following DTD: 
5 <!ELEMENT licenses (license) *> 

<1ATTLIST licenses 

version CDATA #REQUIRED 
created CDATA #REQUIRED> 
<! ELEMENT license (EMPTY) > 
10 <[ATTLIST license 

customer CDATA # IMPLIED 
node CDATA # IMPLIED 
value CDATA #REQUIRED> 

15 An example of such a Ucense file is illustrated below: 
<?xml 

version= "1.0" 

encodings "UTF-8"?> 
20 <LICENSES 

version="l . 0'' 

created="12/l/98"> 
<LICENSE 

customer="My Business" 
25 node=: " TERMINUS " 

value= " rqYf j gSllMGepaimCp2QKQEAAAEAAAAAn91 

NvIQSzZylcVaSn/SEYSGAKDJMYZr" /> 
</LICENSES> 

30 The text of the LICENSE value attribute shown in the above example is a base-64 
encoding of the binary license structure shown in Table 1. 

In the example implementation, the "Refresh Licenses" task performs the 
following functions: 

1) The service agent places all licenses in the discovery database in the 
35 XML format described above. 
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2) The service agent sends the XML data to the VAR web site, using the 
HTTP POST operation to a well-known URL. The Servicing 
component operator's credentials are placed in the HTTP header, 
Basic Authentication is used to verify the operator's name and 

5 password. 

3) The third party VAR web site (or other license server) places the new 
purchased hcense data in the body of the HTTP response message 
following the same XML DTD described above. 

4) The service agent parses the downloaded purchased license data and 
10 updates all corresponding expired licenses in the Servicing 

component discovery database. 



While the method is implemented in software program modules, it can also be 
implemented in digital hardware logic or in a combination of hardware and software 

15 components. In view of the many possible implementations to which the principles of 
our invention may be applied, we emphasize that the implementations described above 
are only examples of the invention and should not be taken as a limitation on the scope 
of the invention. Rather, the scope of the invention is defined by the following claims. 
We therefore claim as our invention all that comes within the scope and spirit of these 

20 claims. 
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1 We claim: 

1 LA method for licensing software comprising: 

2 generating on a first computer a first license for software installed on the first 

3 computer, 

4 generating on a second computer a second license for the installed software, 

5 obtaining from the second computer the second license as authorized by the 

6 second computer, 

7 conditionally replacing the first license with the second license, 

8 periodically repeating the obtaining and replacing so that the first computer 

9 remains licensed. 

1 2. The method of Claim 1 , wherein the first and second licenses each share a 

2 unique identifier, the unique identifier associating the first and second licenses with 

3 the first computer. 

1 3. The method of Claim 1, wherein the first and second licenses are digitally 

2 signed. 

1 4. The method of Claim 1, wherein obtaining further comprises: 

2 connecting to the second computer, 

3 providing the second computer with at least some or all of the data from the 

4 first license, and 

5 exchanging the provided data from the first Ucense for the second license. 

1 5. The method of Claim 4, wherein connecting to the second computer is 

2 performed using a communications network. 
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1 6. The method of Claim 5, wherein the communications network is the 

2 internet. 

1 7. The method of Claim 5 wherein exchanging includes formatting the data 

2 from the first license using XML and exchanging the formatted data using the HTIT 

3 protocol. 

1 8. The method of Claim 2, wherein conditionally replacing further comprises: 

2 matching the unique identifier of the second license to the unique identifier of 

3 the first license, and if not matched discarding the second license without replacing the 

4 first license, and 

5 authenticating the digital signature of the second license, and if not authentic 

6 discarding the second license without replacing the first Ucense. 

1 9. The method of Claim 1 , further comprising verifying whether the replaced 

2 license is valid, including determining whether the replaced license has expired. 

1 10. The method of Claim 3 wherein digitally signed includes applying a 

2 message digest algorithm to a portion of the license not including a length of the 

3 Ucense or the digital signature, resulting in a message digest, the message digest being 

4 further encrypted with a binary key extracted from the unique identifier. 

1 11. A licensing service comprising: 

2 an enforcement agent to control the licensing for an installed software on a 

3 device, 

4 a license issuer to issue licenses for the installed software, 

5 an service agent, in communication with the enforcement agent and the license 

6 issuer, to distribute licenses from the Ucense issuer to the device. 
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1 12. A license provider comprising: 

2 a license authorizer to authorize the issue of Ucenses for software installed on 

3 remote devices, 

4 a license issuer to issue the authorized licenses, 

5 a license distributor to distribute the issued authorized licenses to the remote 

6 devices, 

7 a license enforcer to prevent the operation of the installed software on the 

8 remote device without an authorized license, 

1 13. A computer-readable medium having computer-executable instructions for 

2 performing: 

3 generating on a first computer a first license for software installed on the first 

4 computer, 

5 generating on a second computer a second license for the installed software, 

6 obtaining from the second computer the second license as authorized by the 

7 second computer, 

8 conditionally replacing the first Ucense with the second license, 

9 periodically repeating the obtaining and replacing so that the first computer 
10 remains licensed. 
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SOFTWARE ANTI-PIRACY LICENSING 



ABSTRACT OF THE DISCLOSURE 

5 A method for electronic enforcement of licenses for software services installed 

on computers connected through a communications network employs a non-renewable 
electronic license that is uniquely identified with a specific computer, is of Umited 
duration, and is digitally signed to detect tampering. The hcenses are maintained on 
the computer that operates the licensed software service, referred to as the point-of- 

10 service computer. The method employs inteUigent Ueense servicing agents to 

periodically refresh the limited duration licenses on the point-of-service computer with 
new purchased limited duration licenses from a license server. The license servicing 
agent pushes the licenses to or back from the license server. If necessary, the license 
servicing agent can operate on one or more console computers that act as proxy license 

15 servers by keeping a copy of the point-of-service licenses and refreshing them 

automatically when the license servicing agent initiates a connection to the point-of- 
service computer for maintenance. The licensing service agents can operate on any 
number of console computers or on the Ueense server itself, and can operate to refresh 
licenses for any number of point-of-service computers. The point-of-service 

20 computers can operate independently of and without connection to the console 
computers or license server computers, and are automatically refreshed with new 
licenses without requiring end user intervention. 



042390P7278 

Software Anti-Piracy Licensing 



24 



EL414970111US 



10 




Third Party VAR 
E-commerce web site 



/ 




PC Desktop Service Management 
(POS) Console 




PC Server 
(POS) 



PC Notebook 
(POS) 



Local Network 



□ 



PC Server 
(POS) 



□ 




PC Desktop PC Notebook 
(POS) (POS) 

Remote Network 1 



■ 



□ 



PC Server 
(POS) 



□ 




PC Desktop PC Notebook 
(POS) (POS) 

Remote Network n 



50 



Figure 1 



40 



200 




210 



220 



240 



250 



260 



270 



280 



Service Agent connects to POS — ► 



230 



POS Agent 
activates Trial 
License 



Service Agent 
pushes/collects POS 

licenses to 
Discovery Database 



Service Agent connects to Ttiird Party VAR ^ 



Service Agent 
exchanges collected 

licenses for new 
Purchased Licenses 
from Third Party VAR 



Service Agent connects to POS 



Service Agent 
pushes new 
Purchased 
Licenses back to 
POS 



Service Agent pushes/ 
collects expired POS 

Purchased Licenses to 
Discovery Database 



Figure 2 



300 



Service Agent pings 
POS to retrieve 
license 





41 0'^ 



EQUAL 



POS synchronizes 
new License with 
existing POS 
License 




Figure 3B 



500 



510 



520 



Service Agent places 

licenses from 
Discovery Database 
into exciiange 
format 



Service Agent connects to Third Party VAR 



1 



Third Party VAR 
authenticates 
Service Agent 
operator name and 
password 



530 



Third Party VAR 

exchanges 
formatted licenses 
for new purchased 
licenses 



540 



Service Agent 
updates the 
Discovery Database 

expired licenses 
with new purchased 
licenses 



Figure 4 



Attorney's Docket No,: 42390,P7278 PATENT 

DECLARATION AND POWER OF ATTORNEY FOR PATENT APPLICATION 
(FOR INTEL CORPORATION PATENT APPLICATIONS) 

As a below named inventor, I hereby declare that: 

My residence, post office address and citizenship are as stated below, next to my name. 

I believe I am the original, first, and sole inventor (if only one name is listed below) or an 
original, first, and joint inventor (if plural names are listed below) of the subject matter 
which is claimed and for which a patent is sought on the invention entitled 

Software Anti-Piracy Licensing 

the specification of which 

XX is attached hereto. 

was filed on as 

United States Application Number 

or PCT International Application Number 

and was amended on . 

(if applicable) 

I hereby state that I have reviewed and understand the contents of the above-identified 
specification, including the claim(s), as amended by any amendment referred to above. I 
do not know and do not believe that the claimed invention was ever known or used in the 
United States of America before my invention thereof, or patented or described in any 
printed publication in any country before my invention thereof or more than one year prior 
to this application, that the same was not in public use or on sale in the United States of 
America more than one year prior to this application, and that the invention has not been 
patented or made the subject of an inventor's certificate issued before the date of this 
application in any country foreign to the United States of America on an application filed 
by me or my legal representatives or assigns more than twelve months (for a utiUty patent 
application) or six months (for a design patent application) prior to this application. 

I acknowledge the duty to disclose all information known to me to be material to 
patentability as defined in Title 37, Code of Federal Regulations, Section L56. 

I hereby claim foreign priority benefits under Title 35, United States Code, Section 1 19(a)- 
(d), of any foreign application(s) for patent or inventor's certificate listed below and have 
also identified below any foreign apphcation for patent or inventor's certificate having a 
filing date before that of the application on which priority is claimed: 



INTEL CORPORATION 

Rev. 11/30/98 {D3 INTEL) 



Prior Foreign Application(s) 



Priority 
Claimed 



(Number) 


(Country) 


(Day/Month/Year Filed) 


Yes 


No 


(Number) 


(Country) 


(Day/Month/Year Filed) 


Yes 


No" 


(Number) 


(Country) 


(Day/Month/Year Filed) 


Yes 


No" 



I hereby claim the benefit under title 35, United States Code, Section 1 19(e) of any United 
States provisional application(s) listed below 



(Application Number) 



Filing Date 



(Application Number) 



Filing Date 



I hereby claim the benefit under Title 35, United States Code, Section 120 of any United 
States appUcation(s) Usted below and, insofar as the subject matter of each of the claims of 
this application is not disclosed in the prior United States application in the manner 
provided by the first paragraph of Title 35, United States Code, Section 112, 1 acknowledge 
the duty to disclose all information known to me to be material to patentability as defined 
in Title 37, Code of Federal Regulations, Section 1.56 which became available between the 
filing date of the prior application and the national or PCT international filing date of this 
application: 



(Application Number) 



Filing Date 



(Status patented, 

pending, abandoned) 



(Application Number) 



Filing Date 



(Status - patented, 

pending, abandoned) 



INTEL CORPORATION 

Rev. 11/30/98 (D3 INTEL) 



-2- 



I hereby appoint William E. Alford, Reg. No. 37,764; Farzad E. Amini, Reg. No. 
P42,261 ; Aloysius T. C. AuYeung, Reg. No. 35,432; William Thomas Babbitt, Reg. No. 
39,591 ; Carol F. Barry, Reg. No. 41,600; Jordan Michael Becker, Reg. No. 39,602; 
Bradley J. Bereznak, Reg. No. 33,474; Michael A. Bernadicou, Reg. No. 35,934; Roger 
W. Blakely, Jr., Reg. No. 25,831; Gregory D. Caldwell, Reg. No. 39,926; Ronald C. 
Card, Reg. No. P44,587; Thomas M. Coester, Reg. No. 39,637; Donna Jo Coningsby, 
Reg No. 41,684; Stephen M. De Klerk, under 37 C.F.R. § 10.9(b); Michael Anthony 
DeSanctis, Reg. No. 39,957; Daniel M. De Vos, Reg. No. 37,813; Robert Andrew Diehl, 
Reg. No. 40,992; Matthew C. Fagan, Reg. No. 37,542; Tarek N. Fahmi, Reg. No. 
41,402; James Y. Go, Reg. No. 40,621; James A. Henry, Reg. No. 41,064; Willmore F. 
Holbrow III, Reg. No. P41,845; Sheryl Sue Holloway, Reg. No. 37,850; George W 
Hoover II, Reg. No. 32,992; Eric S. Hyman, Reg. No. 30,139; Dag H. Johansen, Reg. 
No. 36,172; William W. Kidd, Reg. No. 31,772; Erica W. Kuo, Reg. No. 42,775; Michael 
J. Maine, Reg. No. 36,591; Andre L. Marais, under 37 C.F.R. § 10.9(b); Paul A. 
Mendonsa, Reg. No. 42,879; Darren J. Milliken, Reg. 42,004; Lisa A. Norrls, Reg. No. 
P44,976; Chun M. Ng, Reg. No. 36,878; Thien T. Nguyen, Reg. No. 43,835; Thinh V. 
Nguyen, Reg. No. 42,034; Dennis A. Nicholls, Reg. No. 42,036; Kimberley G. Nobles, 
Reg. No. 38,255; Daniel E. Ovanezian, Reg. No. 41 ,236; Babak Redjaian, Reg. No. 
42,096; William F. Ryann, Reg. 44,313; James H. Salter, Reg. No. 35,668; William W. 
Schaal, Reg. No. 39,018; James C. Scheller, Reg. No. 31,195; Jeffrey Sam Smith, Reg. 
No. 39,377; Maria McCormack Sobrino, Reg. No. 31,639; Stanley W. Sokoloff, Reg. 
No. 25,128; Judith A. Szepesi, Reg. No. 39,393; Vincent P. Tassinari, Reg. No. 42,179; 
Edwin H. Taylor, Reg. No. 25,129; John F. Travis, Reg. No. 43,203; George G. C. 
Tseng, Reg. No. 41,355; Joseph A. Twarowski, Reg. No. 42,191; Lester J. Vincent, 
Reg. No. 31 ,460; Glenn E. Von Tersch, Reg. No. 41 ,364; John Patrick Ward, 
Reg. No. 40,216; Charles T. J. Weigell, Reg. No. 43,398; Kirk D. Williams, Reg. No. 
42,229; James M. Wu, Reg. No. P45,241; Steven D. Yates, Reg. No. 42,242; Ben J. 
Yorks, Reg. No. 33,609; and Norman Zafman, Reg. No. 26,250; my patent attorneys, 
and Andrew C. Chen, Reg. No. 43,544; Justin M. Dillon, Reg. No. 42,486; Paramita 
Ghosh, Reg. No. 42,806; and Sang Hui Kim, Reg. No. 40,450; my patent agents, of 
BLAKELY, SOKOLOFF, TAYLOR & ZAFMAN LLP, with offices located at 12400 
Wilshire Boulevard, 7th Floor, Los Angeles, California 90025, telephone (310) 207- 
3800, and Alan K. Aldous, Reg. No. 31 ,905; Robert D. Anderson, Reg. No. 33,826; 
Joseph R. Bond, Reg. No. 36,458; Richard C. Caldenwood, Reg. No. 35,468; Jeffrey S. 
Draeger, Reg. No. 41 ,000; Cynthia Thomas Faatz, Reg No. 39,973; Sean Fitzgerald, 
Reg. No. 32,027; Seth Z. Kalson, Reg. No. 40,670; David J. Kaplan, Reg. No. 41,105; 
Charles A. Mirho, Reg. No. 41,199; Leo V. Novakoski, Reg. No. 37,198; Naomi 
Obinata, Reg. No. 39,320; Thomas C. Reynolds, Reg. No. 32,488; Kenneth M. Seddon, 
Reg. No. 43,105; Mark Seeley, Reg. No. 32,299; Steven P. Skabrat, Reg. No. 36,279; 
Howard A. Skaist, Reg. No. 36,008; Steven C. Stewart, Reg. No. 33,555; Raymond J. 
Werner, Reg. No. 34,752; Robert G. Winkle, Reg. No. 37,474; and Charles K. Young, 
Reg. No. 39,435; my patent attorneys, and Thomas Raleigh Lane, Reg. No. 42,781; 
Calvin E. Wells; Reg. No. P43,256, Peter Lam, Reg. No. P44,855; and Gene I. Su, 
Reg. No. 45,140; my patent agents, of INTEL CORPORATION; and James R. Thein, 



INTEL CORPORATION 

Rev. 11/30/98 (D3 INTEL) 



-3- 



Reg. No. 31 ,710, my patent attorney; with full power of substitution and revocation, to 
prosecute this application and to transact all business in the Patent and Trademark 
Office connected herewith. 



Send correspondence to Donna Jo Coningsbv . BLAKELY, SOKOLOFF, TAYLOR 

(Name of Attorney or Agent) 
& ZAFMAN LLP, 12400 Wilshire Boulevard 7th Floor, Los Angeles, California 90025 
and direct telephone calls to Donna Jo Coningsbv . (503) 684-6200. 

(Name of Attorney or Agent) 



I hereby declare that all statements made herein of my own knowledge are true and that all 
statements made on information and behef are believed to be true; and further that these 
statements were made with the knowledge that willful false statements and the like so made 
are punishable by fine or imprisonment, or both, under Section 1001 of Title 18 of the 
United States Code and that such willful false statements may jeopardize the validity of the 
application or any patent issued thereon. 

Full Name of Sole/First Inventor Eric B. Remer 



Inventor's Signature Date . 



Residence American Fork, UT Citizenship US 



(City, State) (Country) 
Post Office Address 436 North 580 West, American Fork, UT, 84003 

Full Name of Second/Joint Invento r David A. King 



Inventor's Signature Date . 



Residence Highland, UT Citizenship US 



(City, State) (Country) 
Post Office Address 10833 North 5250 West, Highland, UT 84003 
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Full Name of Third/Joint Invento r David L.Remer 

Inventor's Signature Date 



Residence Orem. UT Citizenship US 

(City, State) (Country) 

Post Office Address 948 South 1590 West. Orem. UT 84058 



Full Name of Fourth/Joint Invento r John C.Allen 

Inventor's Signature Date 

Residence Pleasant Grove. UT Citizenship US 

(City, State) (Country) 

Post Office Address 1324 North 300 East. Pleasant Grove. UT 84062 



Full Name of Fifth/Joint Invento r Jason D.Hale 

Inventor's Signature Date 

Residence Cedar Hills. UT Citizenship US 

(City, State) (Country) 

Post Office Address 9952 North 4680 West. Cedar Hills. UT 84062 
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